Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-48854 HIGH

Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc

CVE-2026-48853 CRITICAL

Remote code execution and denial of service via unsafe Erlang term deserialization in elixir-grpc/grpc

CVE-2026-8683 MEDIUM

Overly long URLs crash the Mattermost Desktop App

CVE-2026-53522 MEDIUM

Nezha Monitoring: Unbounded WebSocket Streams — Resource Exhaustion DoS

CVE-2026-50560 MEDIUM

Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature

CVE-2026-50011 HIGH

Netty has unbounded pre-allocation in RedisArrayAggregator from RESP array length

CVE-2026-48748 HIGH

Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion

CVE-2026-46340 HIGH

Netty: SCTP reassembly nests buffers without bound

CVE-2026-45416 HIGH

Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

CVE-2026-49347 MEDIUM

Quest Bot: Ticket creation has no per-user open-ticket limit or cooldown

CVE-2026-53781 MEDIUM

Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

CVE-2026-45802 MEDIUM

FPDI: Memory Exhaustion and Endless Loop in FPDI leads to Denial of Service

CVE-2026-44488 HIGH

Axios: Allocation of Resources Without Limits or Throttling in axios

CVE-2026-7250 HIGH

Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-53423 MEDIUM

Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin

CVE-2026-1500 MEDIUM

Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-53460 HIGH

ImageMagick: Policy Bypass can trigger out-of-Memory condition

CVE-2026-46702 HIGH

Russh: Post-decompression SSH packet size was not bounded, allowing remote oversized compressed packets

CVE-2026-46673 HIGH

Russh < 0.60.3 CryptoVec - Unbounded Allocation Resource Exhaustion

CVE-2026-45031 MEDIUM

ImageMagick: Policy Bypass in PSD decoder

CVE-2026-10740 MEDIUM

Excessive memory allocation in s2n-quic

CVE-2026-24720 MEDIUM

QNAP File Station 5 < 5.5.6.5243 - Resource Exhaustion

CVE-2026-41726 MEDIUM

In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

CVE-2026-41716 HIGH

Spring Data web support unbounded negative-result cache keyed on attacker-supplied property names

CVE-2026-28237 MEDIUM

Amd µProf - Allocation of Resources Without Limits or Throttling

Page 1 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy